PHP Mailer allow only local delivery

D

directory92

Member
Dec 30, 2015
8
2
53
Lahore, Pakistan
cPanel Access Level
Root Administrator
Hello,
Is there any way to allow PHP mail only send emails to local email addresses,

For Example:
Lets say we have a contact form on a website "example.com" and its coded to sent email to [email protected] if someone fills that form on website it should work, But if its coded to sent emails to [email protected].net or [email protected] or any external domain it should not work.

Reason:
I don't want to turn off PHP mail function on server but as I have 900+ websites hosted on a server if a single WordPress website gets hacked it starts sending SPAM and gets main IP blacklisted.
 
Last edited by a moderator:
GOT

GOT

Get Proactive!
PartnerNOC
Apr 8, 2003
1,768
322
363
Chesapeake, VA
cPanel Access Level
DataCenter Provider
Afraid this is not possible. When a php script connects to localhost to send email (which is what the php mail() function does) it does not care or really even know what domain is actually calling it.

That said there are lots of ways to protect your server. Keeping wordpress updated is obviously key but if you cannot do that or your users are unwilling to do so, then you could check out patchman.co which helps a lot with this kind of thing.

You can also use a server side waf like mod_security to help. The comodo free rule set is pretty good.

You can also sign up for an outbound mail filtering system like that provided by mailchannels.com.

Lastly there are server side malware scanners like immunify360 AV and cpMalScan.
 
  • Like
Reactions: SamuelM and cPRex
D

directory92

Member
Dec 30, 2015
8
2
53
Lahore, Pakistan
cPanel Access Level
Root Administrator
@GOT
Thank you so much for reply, Can you tell me any solutions as many WordPress users use nulled themes and once developed it starts sending SPAM or malware or phishing contents. Any FREE solution for that to manage 1000+ websites.
 
S

SamuelM

Technical Analyst Team Lead
Nov 20, 2019
196
38
103
USA
cPanel Access Level
Root Administrator
Hello @directory92,

While it's possible there are free solutions for combating Wordpress malware, I don't know of any personally. I would certainly recommend you configure ClamAV to scan the home directories of accounts with Wordpress sites, as that is a free antivirus solution that is included with cPanel:

Configure ClamAV Scanner - Version 84 Documentation - cPanel Documentation

documentation.cpanel.net documentation.cpanel.net

As GOT mentioned, imunify360 is another non-free option you could investigate if you want to take a more proactive approach.

If you already know that users' use of the illegitimate Wordpress themes is causing the problem, I would also suggest that you discourage your users from engaging in this practice.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
P System email receiving emails rather than G Suite when testing with PHP Mailer Email 2
PabloC SOLVED Update phpMailer? Email 7
cPanelResources Tutorial How to use the PHPMailer library to send messages via SMTP Email 2
Z SOLVED PHPMailer returning SMTP connect() failed Email 2
T Cant send mails with PHPMailer Email 1
Similar threads
System email receiving emails rather than G Suite when testing with PHP Mailer
SOLVED Update phpMailer?
Tutorial How to use the PHPMailer library to send messages via SMTP
SOLVED PHPMailer returning SMTP connect() failed
Cant send mails with PHPMailer
Top Bottom